exploitDog

CVE-2009-1460

Опубликовано: 28 апр. 2009

Источник: nvd

CVSS2: 4.6

EPSS Низкий

Описание

razorCMS before 0.4 uses weak permissions for (1) admin/core/admin_config.php, which allows local users to obtain the administrator's password hash and FTP user credentials; and (2) the root directory, (3) datastore/, and (4) admin/core/, which allows local users to have an unspecified impact.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:razorcms:razorcms:*:*:*:*:*:*:*:*

Версия до 0.3 (включая)

cpe:2.3:a:razorcms:razorcms:0.2:*:*:*:*:*:*:*

cpe:2.3:a:razorcms:razorcms:0.3:rc2:*:*:*:*:*:*

EPSS

Процентиль: 16%

0.00052

Низкий

4.6 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-86qj-rfhj-8qr4

github

почти 4 года назад

razorCMS before 0.4 uses weak permissions for (1) admin/core/admin_config.php, which allows local users to obtain the administrator's password hash and FTP user credentials; and (2) the root directory, (3) datastore/, and (4) admin/core/, which allows local users to have an unspecified impact.

EPSS

Процентиль: 16%

0.00052

Низкий

4.6 Medium

CVSS2

Дефекты

CWE-264